
Side by Side Diff: src/heap/heap.cc

Issue 1488023002: Fix inobject slack tracking for both subclassing and non-subclassing cases. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Moved and updated comments about slack tracking Created 5 years ago
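--- a/src/heap/heap.cc
+++ b/src/heap/heap.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/heap/heap.h"
 
 #include "src/accessors.h"
 #include "src/api.h"
 #include "src/ast/scopeinfo.h"
 #include "src/base/bits.h"
@@ -3369,30 +3369,32 @@
 if (start_offset == map->instance_size()) return;
 DCHECK_LT(start_offset, map->instance_size());
 
 Object* filler;
 // We cannot always fill with one_pointer_filler_map because objects
 // created from API functions expect their internal fields to be initialized
 // with undefined_value.
 // Pre-allocated fields need to be initialized with undefined_value as well
 // so that object accesses before the constructor completes (e.g. in the
 // debugger) will not cause a crash.
-Object* constructor = map->GetConstructor();
-if (constructor->IsJSFunction() &&
-JSFunction::cast(constructor)->IsInobjectSlackTrackingInProgress()) {
+
+// In case of Array subclassing the |map| could already be transitioned
+// to different elements kind from the initial map on which we track slack.
+Map* initial_map = map->FindRootMap();
+if (initial_map->IsInobjectSlackTrackingInProgress()) {
 // We might want to shrink the object later.
-DCHECK_EQ(0, obj->GetInternalFieldCount());
 filler = Heap::one_pointer_filler_map();
 } else {
 filler = Heap::undefined_value();
 }
 obj->InitializeBody(map, start_offset, Heap::undefined_value(), filler);
+initial_map->InobjectSlackTrackingStep();
 }
 
 
 AllocationResult Heap::AllocateJSObjectFromMap(
 Map* map, PretenureFlag pretenure, AllocationSite* allocation_site) {
 // JSFunctions should be allocated using AllocateFunction to be
 // properly initialized.
 DCHECK(map->instance_type() != JS_FUNCTION_TYPE);
 
 // Both types of global objects should be allocated using
@@ -6099,10 +6101,10 @@
 }
 
 
 // static
 int Heap::GetStaticVisitorIdForMap(Map* map) {
 return StaticVisitorBase::GetVisitorId(map);
 }
 
 } // namespace internal
 } // namespace v8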
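Review bot: The rewritten slack-tracking branch drops `DCHECK_EQ(0, obj->GetInternalFieldCount());` while the comment just above it still says objects created from API functions expect their internal fields to hold undefined_value, so debug builds no longer catch an object with internal fields reaching the `one_pointer_filler_map` path. If that combination is now legitimate (the root map returned by `map->FindRootMap()` presumably can belong to a subclass), a comment should say why the filler cannot land on internal fields; otherwise the assertion should stay inside the new `if`. Separately, `initial_map->InobjectSlackTrackingStep();` runs on every call that gets past the early return, not only while tracking is in progress, so it relies on that method guarding itself, which is not visible here; if it does, a one-line comment such as `// No-op unless slack tracking is still in progress.` would make that explicit. The enclosing function begins in the skipped lines above line 3369.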